Configuring security for your environment

In most cases, you enable Derby's
security features through the use of properties. It is important to understand
the best way of setting properties for your environment.

Derby does
not come with a built-in superuser. For that reason, be careful when configuring Derby for user authentication
and user authorization.

When first working with security, work with system-level properties only
so that you can easily override them if you make a mistake.

Be sure to create at least one valid user, and grant that user full (read-write)
access. For example, you might always want to create a user called sa with
the password derby while
you are developing.

Test the authentication system while it is still configured at the system
level. Be absolutely certain that you have configured the system correctly
before setting the properties as database-level properties.

Before disabling system-level properties (by setting derby.database.propertiesOnly to
true), test that at least one database-level read-write user (such as sa)
is valid. If you do not have at least one valid user that the system can authenticate,
you will not be able to access your database.